CLAIM AMENDMENTS

Claims pending: 

• At time of the Office Action: Claims 1-74.

• After this Response: Claims 1-37, 39-42, 45-69 and 71-73.
Canceled claims: 38, 43, 44, 70, and 74, without prejudice.
Amended claims: 1-3, 26, 27, 37, 45, 69, 72, and 73.

New Claims: None.

The listing of claims below will replace prior versions of claims in the 
application: 

1. (Currently Amended) A method comprising: 

initiating an online gaming activity from a gaming system with multiple 
users; and 

authenticating the multiple users, the gaming system, a game title, and an
online service together in a single request/reply exchange with an authentication
entity.

2. (Currently Amended) A method as recited in claim 1, wherein the
authenticating comprises:

submitting a request from the gaming system to the authentication entity,
the request containing identities of the multiple users, identification of the gaming
system, identification of the game title, and identification of the online service;
and

returning a reply from the authentication entity to the gaming system that
can be used to authenticate the multiple users, the gaming system, and the game
title in the online gaming activity.

3. (Currently Amended) A method as recited in claim 1, wherein the 
authenticating comprises: 

forming, at the gaming system, a request containing an identity string that 
includes a gaming system identity, a game title identity, multiple user identities,
and an identity of an online service; 

submitting the request from the gaming system to the authentication entity; 

creating, at the authentication entity, a reply containing the identity string 
and a session key Kxa to be used in communication between the gaming system 
and the online service, the reply being encrypted with a key associated with the 
online service; and 

returning the reply from the authentication entity to the gaming system. 

4. (Original) A method as recited in claim 1, wherein the authenticating 
comprises exchanging messages specified in the Kerberos protocol, the response 
message containing a ticket having an authorization data field which acknowledges
that multiple identities have been authenticated. 



lee&hayes pllc 509-324-9256

Application No. 09/802,795

AUG 09 2005 FR LEE - HAYES PLL 509 323 8979 TO 15712738300 P. 08/42

5. (Original) One or more computer-readable media comprising computer- 
executable instructions that, when executed, perform the method as recited in 
claim 1.

6. (Previously Presented) A method comprising: 

submitting a single request from a game console to a ticket issuing entity, 
the request containing a game console identity, multiple user identities, and an 
identity of an online service; 

returning a ticket from the ticket issuing entity to the game console, the 
ticket containing the game console identity and the multiple user identities 
encrypted with a key associated with the online service; 

passing the ticket from the game console to the online service; and 
decrypting the ticket at the online service, wherein after the decrypting the 
authenticity of the multiple users contained in the ticket is trusted.

7. (Previously Presented) A method as recited in claim 6, wherein the
single request further includes an identity of the game console, and the game
console identity is included in the issued ticket.

8. (Original) A method as recited in claim 6, further comprising sending
some cryptographical information to prove knowledge of the user's key while
submitting the request.

9. (Original) A method as recited in claim 6, wherein the ticket further
includes at least one of the online service identity, a time that the ticket is 
generated, a second time parameter indicative of when the ticket expires, and a 
randomly generated session key to be used in communication between the game 
console and the online service. 

10. (Original) A method as recited in claim 6, wherein the returning 
further comprises sending an attached message along with the ticket from the 
ticket issuing entity to the game console, the message containing a randomly 
generated session key to be used in communication between the game console and 
the online service. 

11. (Original) A method as recited in claim 10, wherein the attached
session message is encrypted with a key associated with the game console.

12. (Original) A method as recited in claim 10, wherein the passing
comprises sending a second message with a current time encrypted with the
session key.

13. (Original) A method as recited in claim 12, wherein the ticket further
includes a randomly generated session key and the verifying, at the online service, 
further comprises: 

decrypting the ticket using the key associated with the online service to 
recover the session key; 

decrypting the second message with the session key to recover the current 
time; and 

authenticating the multiple users and the game console in the event that the 
recovered current time is within an acceptable time window from the current time. 

14. (Original) A method as recited in claim 6, further comprising: 
sending a reply from the online service to the game console; and 
verifying, at the game console, an authenticity of the reply.

15. (Original) One or more computer-readable media comprising 
computer-executable instructions that, when executed, perform the method as 
recited in claim 6.

16. (Original) A method comprising:

creating, at a game console, multiple validated user identities (U1, H1), (U2,
H2), ..., (Uu, Hu) composed of user identities U1, U2, ..., Uu and associated values
H1, H2, ..., Hu derived from the user's key;

forming, at the game console, a request containing an identity string that
includes a game console identity X, a game title identity G, the multiple validated
user identities, and an identity A of an online service, as follows:

Request = [X, G, A, (U1, H1), ..., (Uu, Hu)];

submitting the request from the game console to a ticket issuing entity; 

creating, at the ticket issuing entity, a ticket containing the identity string 
and a session key Kxa encrypted with a key Ka associated with the online service, 
as follows: 

Ticket = E_Ka[Kxa, X, G, A, U1, U2, U3, U4];

sending the ticket along with the session key Kxa from the ticket issuing 
entity to the game console; 

passing the ticket from the game console to the online service along with
data encrypted using the session key Kxa; and

verifying the ticket at the online service by decrypting the ticket using the
online service key Ka, extracting the session key Kxa from the decrypted ticket,
and decrypting the data from the game console using the session key Kxa.

17. (Original) A method as recited in claim 16, wherein the creating
comprises computing cryptographic hash digests of user keys associated with the 
multiple users, each user identity being a combination of the user identity and the 
cryptographic hash of an associated user key. 

18. (Original) A method as recited in claim 16, wherein the creating 
comprises encrypting a time value using keys associated with the multiple users, 
each user identity being a combination of the user identity and the current time 
encrypted with the user key. 

19. (Original) A method as recited in claim 16, wherein the request further 
includes an identity of the game console. 

20. (Original) A method as recited in claim 16, wherein the ticket further 
includes at least one of a time that the ticket is generated and a second time 
parameter indicative of when the ticket expires. 

21. (Original) A method as recited in claim 16, further comprising
encrypting the session key Kxa with a key associated with the game console 
before said sending of the session key to the game console. 

22. (Original) A method as recited in claim 16, wherein the data comprises 
a time value representative of a current time.

23. (Original) A method as recited in claim 16, wherein the data comprises
a time value representative of a current time, and the verifying comprises
authenticating the game console and the multiple users in an event that the time
value received from the game console is within an acceptable time window from a
current time.

24. (Original) A method as recited in claim 23, further comprising:

sending a reply from the online service to the game console, the reply
containing the time value encrypted using the session key Kxa; and

verifying, at the game console, an authenticity of the online service in an
event that the game console successfully decrypts the time value using the session
key Kxa, and the time value returned matches the time value sent to the online
service.

25. (Original) One or more computer-readable media comprising 
computer-executable instructions that, when executed, perform the method as 
recited in claim 16. 
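
The exchange recited in claims 16, 18, 20, 21, 23 and 24, written out as an added example that is not part of the filing or of any product's code. The claims do not name a cipher, so seal/unseal are a standard-library stand-in for E; the direction labels, WINDOW, LIFETIME and all function and identity names are assumptions of this example.

```python
import hashlib, hmac, json, os
WINDOW = 300     # assumed acceptable time window in seconds; the claims give no value
LIFETIME = 3600  # assumed ticket lifetime in seconds

def _mac(key, label, data=b""):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def _xor(key, nonce, data):
    # Keystream: HMAC-SHA256 in counter mode (stdlib stand-in for a real cipher).
    ks = b"".join(_mac(key, nonce, i.to_bytes(4, "big"))
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, obj):
    """Stand-in for E_key[...]: encrypt, then MAC under a separate subkey."""
    nonce = os.urandom(16)
    ct = _xor(_mac(key, b"enc"), nonce, json.dumps(obj).encode())
    return nonce + ct + _mac(_mac(key, b"mac"), nonce, ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(_mac(key, b"mac"), nonce, ct)):
        raise ValueError("wrong key or modified message")
    return json.loads(_xor(_mac(key, b"enc"), nonce, ct))

def console_request(x, g, a, user_keys, now):
    # H_i = current time sealed under user i's key (the claim 18 form of H_i).
    return {"X": x, "G": g, "A": a,
            "users": [(u, seal(k, now)) for u, k in user_keys.items()]}

def issue_ticket(req, user_db, service_keys, console_keys, now):
    """Ticket issuing entity: validate every (U_i, H_i), then seal one ticket."""
    for u, h in req["users"]:
        if abs(now - unseal(user_db[u], h)) > WINDOW:
            raise ValueError("stale proof for " + u)
    kxa = os.urandom(32).hex()
    body = {"Kxa": kxa, "X": req["X"], "G": req["G"], "A": req["A"],
            "U": [u for u, _ in req["users"]], "expires": now + LIFETIME}
    # Ticket = E_Ka[Kxa, X, G, A, U1..Uu]; Kxa also goes back sealed for the console.
    return seal(service_keys[req["A"]], body), seal(console_keys[req["X"]], kxa)

def service_verify(ka, a, ticket, authenticator, now):
    """Online service: open the ticket with Ka, recover Kxa, check the time window."""
    t = unseal(ka, ticket)
    if t["A"] != a or now > t["expires"]:
        raise ValueError("ticket is for another service or has expired")
    kxa = bytes.fromhex(t["Kxa"])
    direction, sent = unseal(kxa, authenticator)
    if direction != "c2s" or abs(now - sent) > WINDOW:
        raise ValueError("authenticator rejected")
    # Direction label (an addition, not in the claims) stops the console's own
    # message being reflected back to it as the service's reply.
    return t, seal(kxa, ["s2c", sent])

def console_check_reply(kxa, reply, sent):
    direction, t = unseal(kxa, reply)
    return direction == "s2c" and t == sent

def demo(now=1_000_000):
    users = {"alice": os.urandom(32), "bob": os.urandom(32)}  # constructed keys
    ka, kx = os.urandom(32), os.urandom(32)
    req = console_request("console-1", "title-9", "svc-A", users, now)
    ticket, wrapped = issue_ticket(req, users, {"svc-A": ka}, {"console-1": kx}, now)
    kxa = bytes.fromhex(unseal(kx, wrapped))
    auth = seal(kxa, ["c2s", now + 2])
    info, reply = service_verify(ka, "svc-A", ticket, auth, now + 3)
    return info["U"], console_check_reply(kxa, reply, now + 2)

if __name__ == "__main__": print(demo())
```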

26. (Currently Amended) A method for operating a game console,
comprising:

submitting a request to a ticket issuing entity, the request containing
multiple user identities, a game title, and an identity of an online service; and

receiving a single ticket from the ticket issuing entity that can be used to 
authenticate the multiple user identities and the game title to the online service.

27. (Currently Amended) A method as recited in claim 26, wherein the
request further includes at least one of an identity of the game console and an
identity of a game title being played in the game console.

28. (Original) A method as recited in claim 26, further comprising
cryptographically deriving the user identities from information associated with the
users.

29. (Original) A method as recited in claim 26, wherein the ticket includes
at least one of (1) the multiple user identities, (2) the identity of the online service,
(3) an identity of the game console, (4) an identity of a game title being played in
the game console, (5) a time that the ticket is generated, (6) a second time
parameter indicative of when the ticket expires, and (7) a randomly generated 
session key to be used in communication between the game console and the online 
service. 

30. (Original) A method as recited in claim 26, further comprising sending 
the ticket to the online service. 

31. (Original) One or more computer-readable media comprising 
computer-executable instructions that, when executed, perform the method as 
recited in claim 26.

32. (Original) A method for operating a game console, comprising:

submitting a request to a ticket issuing entity, the request containing
multiple user identities and an identity of the game console; and

receiving a single ticket from the ticket issuing entity that can be used to
authenticate the multiple user identities and the game console.

33. (Original) A method for operating a game console, comprising:

creating a request with multiple user identities of multiple users who are
playing on a game console; and

submitting the request to a third party.

34. (Original) A method as recited in claim 33, wherein the request
includes at least one of an identity of an online service, an identity of the game
console, an identity of a game title being played in the game console.

35. (Original) A method as recited in claim 33, further comprising 
receiving a single ticket from the ticket issuing entity that can be used to authenticate
the multiple user identities to another entity.

36. (Original) One or more computer-readable media comprising
computer-executable instructions that, when executed, perform the method as
recited in claim 33.

37. (Currently Amended) A method comprising:

receiving a request from a game console, the request containing multiple
user identities of multiple users who are playing at the game console, a game
console identity, a game title identity, and an identity of a third party;

generating a single ticket to be used to authenticate the multiple user
identities, the game console identity, and the game title identity to the third party;
and

returning the ticket to the game console.

38. (Canceled).

39. (Original) A method as recited in claim 37, wherein the ticket includes 
at least one of (1) the multiple user identities, (2) the identity of the third party, (3) 
an identity of the game console, (4) an identity of a game title being played in the 
game console, (5) a time that the ticket is generated, (6) a second time parameter 
indicative of when the ticket expires, and (7) a randomly generated session key to 
be used in communication between the game console and the third party. 

40. (Original) A method as recited in claim 37, further comprising 
encrypting the ticket with a key associated with the third party prior to said 
returning the ticket.

41. (Original) A method as recited in claim 37, further comprising:

generating a session key to be used in communication between the game
console and the third party; and

sending the session key to the game console. 

42. (Original) One or more computer-readable media comprising 
computer-executable instructions that, when executed, perform the method as 
recited in claim 37. 

43. (Canceled).

44. (Canceled). 

45. (Currently Amended) A method for manufacturing a game console, 
comprising: 

constructing a game console with associated authentication information;
and

storing the authentication information in a database to be used for
authenticating the game console, a game title executing on the game console, and
multiple users of the game console after the game console is released from
manufacturing.

46. (Original) A method as recited in claim 45, wherein the authentication
information comprises at least one of a hard disk drive ID, a CPU ID, a first value 
derived from the hard disk ID, a second value derived from the CPU ID, and a 
third value derived from a combination of the hard disk drive ID and the CPU ID. 

47. (Original) A method as recited in claim 45, wherein the authentication 
information comprises one or more serial numbers of hardware components in the 
game console. 

48. (Original) A method as recited in claim 45, wherein the authentication 
information comprises a random key generated at manufacturing time.

49. (Original) A method as recited in claim 45, further comprising 
securely transferring the database to an authentication site for access by an 
authentication server. 

50. (Original) A method as recited in claim 45, further comprising 
creating, at the authentication server, account names/passwords for the game 
consoles identified in the database. 

51. (Original) One or more computer-readable media comprising
computer-executable instructions that, when executed, perform the method as
recited in claim 45.

52. (Previously Presented) A method for validating an authenticity of a
game console and multiple users of the game console, comprising:

receiving, from the game console, authentication information that is 
associated with the game console at a time of manufacturing; and 

evaluating the authentication information to determine whether the game 
console is valid. 

53. (Original) A method as recited in claim 52, wherein the authentication 
information comprises at least one of a hard disk drive ID, a CPU ID, a first value 
derived from the hard disk ID, a second value derived from the CPU ID, and a 
third value derived from a combination of the hard disk drive ID and the CPU ID. 

54. (Original) A method as recited in claim 52, wherein the evaluating 
comprises using a database of authentication information for game consoles to 
determine whether the authentication is valid. 

55. (Original) A method as recited in claim 52, wherein the evaluating 
comprises ascertaining whether an account for the game console associated with 
the authentication information has already been established.

56. (Original) A method as recited in claim 52, further comprising, in an 
event that the game console is valid, generating an identity and a cryptographic 
key for the game console.

57. (Original) A method as recited in claim 52, further comprising, in an
event that the game console is valid, creating an account for the game console.

58. (Original) One or more computer-readable media comprising
computer-executable instructions that, when executed, perform the method as
recited in claim 52.

59. (Original) A computer-readable medium for a game console 
comprising computer-executable instructions that, when executed, direct the game 
console to: 

create multiple validated user identities (U1, H1), (U2, H2), ..., (Uu, Hu)
composed of the multiple user identities U1, U2, ..., Uu and associated values H1,
H2, ..., Hu derived from the user's key;

form a request containing a game console identity X, a game title identity
G, the multiple user identities, and an identity A of an online service, as follows:

Request = [X, G, A, (U1, H1), ..., (Uu, Hu)]; and

submit the request to a ticket issuing entity over a network.

60. (Original) A computer-readable medium as recited in claim 59, further
comprising computer-executable instructions that, when executed, direct the game
console to compute cryptographic hash digests of user keys associated with the 
multiple users, each user identity being a combination of the user identity and the 
cryptographic hash of an associated user key. 

61. (Original) A computer-readable medium as recited in claim 59, further
comprising computer-executable instructions that, when executed, direct the game
console to encrypt a time value using keys associated with the multiple users, each
user identity being a combination of the user identity and the encrypted time value.

62. (Original) A computer-readable medium as recited in claim 59, further
comprising computer-executable instructions that, when executed, direct the game
console to form the request to further include at least one of an identity of the
game console, a random nonce, and a checksum value to ensure receipt of all 
contents of the request. 

63. (Original) A computer-readable medium as recited in claim 59, further 
comprising computer-executable instructions that, when executed, direct the game 
console to: 

receive a ticket from the ticket issuing entity, the ticket containing the game 
console identity X, the game title identity G, the multiple user identities, the online
service identity A, and a session key Kxa together encrypted with a key Ka
associated with the online service, as follows:

TicketA = E_Ka[Kxa, X, G, A, U1, U2, ..., Uu];

receive the session key Kxa from the ticket issuing entity; and

pass the ticket from the game console to the online service along with some
information encrypted using the session key Kxa.

64. (Previously Presented) A computer-readable medium comprising
computer-executable instructions that, when executed, perform operations
comprising:

receive a request from a game console, the request containing an identity
string that includes a game console identity X, a game title identity G, multiple
user identities (U1, H1), ..., (Uu, Hu), and an identity A of an online service, as
follows:

Request = [X, G, A, (U1, H1), ..., (Uu, Hu)]; and

generate a ticket containing the identity string and a session key Kxa
together encrypted with a key Ka associated with the online service, as follows:

TicketA = E_Ka[Kxa, X, G, A, U1, U2, ..., Uu]; and

return the ticket to the game console.

65. (Original) A computer-readable medium as recited in claim 64, further
comprising computer-executable instructions that, when executed, direct the game
console to generate the request to further include at least one of a time that the 
ticket is generated and a time length before expiration of the ticket. 

66. (Original) A computer-readable medium as recited in claim 64, further 
comprising computer-executable instructions that, when executed, direct the game 
console to encrypt the session key Kxa with a key associated with the game 
console and send the encrypted session key to the game console. 

67. (Original) A single gaming ticket data structure embodied on a
computer readable, comprising multiple user identities of users playing at a game
console, encrypted using a key associated with a third party entity to which the
multiple users are to be authenticated.

68. (Original) A single gaming ticket data structure embodied on a
computer readable, comprising multiple user identities of users playing at a game
console and an identity of the game console, encrypted using a key associated with
a third party entity to which the multiple users are to be authenticated.

69. (Currently Amended) A game console, comprising:

a memory; and

a processor coupled to the memory, the processor being configured to
obtain authentication of multiple users of the game console together in a single
request/reply exchange with an authentication entity, wherein the single
request/reply exchange identifies the multiple users, the game console, a game
title, and an online service.

70. Canceled. 

71. (Original) A game console as recited in claim 70, wherein the memory 
comprises a hard disk drive with an associated hard disk ID and the processor has 
an associated processor ID, and the processor is configured to submit at least one 
of the hard disk ID, the CPU ID, and a value derived from the CPU ID to a third
party as part of a process to obtain the game console identity.

72. (Currently Amended) A system, comprising:

a ticketing issuing entity;

a game console configured to submit a request to the ticket issuing entity,
the request containing multiple user identities, a game console identity, a game
title identity, and an identity of an online service; and

the ticket issuing entity being configured to generate a single ticket that can
be used by the game console to authenticate the multiple user identities, the game
console identity, and the game title identity to the online service.






73. (Currently Amended) A system, comprising:

a ticketing issuing entity;

a game console configured to submit a request to the ticket issuing entity,
the request containing multiple user identities, a game console identity, and a game
title identity; and

the ticket issuing entity being configured to generate a single ticket that can
be used by the game console to authenticate the multiple user identities, the game
console identity, and the game title identity to a third party.

74. (Canceled).